The ICO has fined Royal & Sun Alliance Insurance PLC (RSA) £150,000 following the loss of the personal information of nearly 60,000 customers. An ICO investigation looked at the theft of a hard drive device containing 59,592 customers’ names, addresses and bank account details including account numbers and sort codes.
.
Mark James, IT Security Specialist at ESET:
The topic of security these days is on everyone’s lips and something that every company needs to take seriously. It’s not possible to protect against every possible attack vector but you should be able to take reasonable precautions to ensure you have done all you can to protect the data of your users. Encryption is not new, it has a relative low cost and can be rolled out and maintained with ease, it would not have stopped the theft of the hard drive in this case but it would have stopped the data being accessible. Fines need to be in place but more importantly there needs to be follow up, if you are holding other people’s data you need to do all you can to keep it safe.”
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.